Continuing on from our recent blog where we looked at assessing the quality risks for the ISQM, this week we look at how to develop a quality management strategy.

Have You Developed Your Quality Management Strategy Yet?

There are four key steps involved in developing a quality management strategy:

  1. Respond to quality risks – what is required in ISQM 1?
  2. Map and document your responses
  3. The role of the RI in embedding audit quality
  4. Practical considerations for less complex firms

We will look at the first of these steps today.

Bear in mind that the quality management process is iterative, so you are expected to adjust the assessment at any time if you notice any risks have changed since they were last assessed. Make sure to document your changes and the reasons for the change.

Respond to quality risks – what is required in ISQM 1?

The types of quality risks that may exist will vary from firm to firm and will be influenced by the size and complexity of the clients as well as the size of the firm and the numbers of offices it has, as well as the non-audit services it provides.

The responses will be influenced by factors like the specific responses that are required by Paragraph 34 of ISQM 1 which includes responses that the firm is required to design and implement. However there is the caveat that ‘unlike the quality objectives …the specified responses are not comprehensive and would not fully address all quality risks. Accordingly, the firm is expected to design and implement responses in addition to those specified in the standards.’

There are also the 12 additional requirements to paragraph 34 added by the Irish Audit & Accounting Supervisory Authority.

Factors to be aware of will include:

  • The type of audit programme used and whether ether is an updating service;
  • The type of ISQM Manual used;
  • CPD training policies within the firm;
  • Whether the firm is part of a Network and what types of support it may offer;
  • Technical resources and having confidence that they are competent and up to date;
  • The types of non-audit services provided and whether these are offered to audit clients where there could be an ethical threat;
  • The length of time the audit partners have provided the audit service to their clients with the potential for long association risk.

This list is not exhaustive.

It’s impossible to cover everything in this brief blog. For more assistance please see our new ISQM TOOLKIT or if you prefer to chat through the different audit risks and potential appropriate responses presented by this new standard, please call or e-mail John McCarthy FCA or e-mail him at

Publications and AML webinar

  • The ISQM TOOLKIT 2022 is available to purchase here.
  • See our latest Anti-Money Laundering Policies Controls & Procedures Manual (March 2022) – View the Table of Contents click here.
  • Also we have an updated AML webinar (March 2022) available here, which accompanies the AML Manual. It explains the current legal AML reporting position for accountancy firms and includes a quiz. Upon completion, you receive a CPD Certificate of attendance in your inbox.
  • To ensure your letters of engagement and similar templates are up to date visit our site here where immediate downloads are available in Word format. A bulk discount is available for orders of five or more items if bought together.